providers/scim: fix missing schemas attribute for User and Group (#7477) * providers/scim: fix missing schemas attribute for User and Group * make things actually work --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L <jens@goauthentik.io>
This commit is contained in:
parent
3891fb3fa8
commit
769ce3ce7b
|
@ -46,7 +46,9 @@ class SCIMGroupClient(SCIMClient[Group, SCIMGroupSchema]):
|
||||||
|
|
||||||
def to_scim(self, obj: Group) -> SCIMGroupSchema:
|
def to_scim(self, obj: Group) -> SCIMGroupSchema:
|
||||||
"""Convert authentik user into SCIM"""
|
"""Convert authentik user into SCIM"""
|
||||||
raw_scim_group = {}
|
raw_scim_group = {
|
||||||
|
"schemas": ("urn:ietf:params:scim:schemas:core:2.0:Group",),
|
||||||
|
}
|
||||||
for mapping in (
|
for mapping in (
|
||||||
self.provider.property_mappings_group.all().order_by("name").select_subclasses()
|
self.provider.property_mappings_group.all().order_by("name").select_subclasses()
|
||||||
):
|
):
|
||||||
|
|
|
@ -15,12 +15,14 @@ from pydanticscim.user import User as BaseUser
|
||||||
class User(BaseUser):
|
class User(BaseUser):
|
||||||
"""Modified User schema with added externalId field"""
|
"""Modified User schema with added externalId field"""
|
||||||
|
|
||||||
|
schemas: tuple[str] = ("urn:ietf:params:scim:schemas:core:2.0:User",)
|
||||||
externalId: Optional[str] = None
|
externalId: Optional[str] = None
|
||||||
|
|
||||||
|
|
||||||
class Group(BaseGroup):
|
class Group(BaseGroup):
|
||||||
"""Modified Group schema with added externalId field"""
|
"""Modified Group schema with added externalId field"""
|
||||||
|
|
||||||
|
schemas: tuple[str] = ("urn:ietf:params:scim:schemas:core:2.0:Group",)
|
||||||
externalId: Optional[str] = None
|
externalId: Optional[str] = None
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -39,7 +39,9 @@ class SCIMUserClient(SCIMClient[User, SCIMUserSchema]):
|
||||||
|
|
||||||
def to_scim(self, obj: User) -> SCIMUserSchema:
|
def to_scim(self, obj: User) -> SCIMUserSchema:
|
||||||
"""Convert authentik user into SCIM"""
|
"""Convert authentik user into SCIM"""
|
||||||
raw_scim_user = {}
|
raw_scim_user = {
|
||||||
|
"schemas": ("urn:ietf:params:scim:schemas:core:2.0:User",),
|
||||||
|
}
|
||||||
for mapping in self.provider.property_mappings.all().order_by("name").select_subclasses():
|
for mapping in self.provider.property_mappings.all().order_by("name").select_subclasses():
|
||||||
if not isinstance(mapping, SCIMMapping):
|
if not isinstance(mapping, SCIMMapping):
|
||||||
continue
|
continue
|
||||||
|
|
|
@ -61,7 +61,11 @@ class SCIMGroupTests(TestCase):
|
||||||
self.assertEqual(mock.request_history[1].method, "POST")
|
self.assertEqual(mock.request_history[1].method, "POST")
|
||||||
self.assertJSONEqual(
|
self.assertJSONEqual(
|
||||||
mock.request_history[1].body,
|
mock.request_history[1].body,
|
||||||
{"externalId": str(group.pk), "displayName": group.name},
|
{
|
||||||
|
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
|
||||||
|
"externalId": str(group.pk),
|
||||||
|
"displayName": group.name,
|
||||||
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
@Mocker()
|
@Mocker()
|
||||||
|
@ -96,7 +100,11 @@ class SCIMGroupTests(TestCase):
|
||||||
validate(body, loads(schema.read()))
|
validate(body, loads(schema.read()))
|
||||||
self.assertEqual(
|
self.assertEqual(
|
||||||
body,
|
body,
|
||||||
{"externalId": str(group.pk), "displayName": group.name},
|
{
|
||||||
|
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
|
||||||
|
"externalId": str(group.pk),
|
||||||
|
"displayName": group.name,
|
||||||
|
},
|
||||||
)
|
)
|
||||||
group.save()
|
group.save()
|
||||||
self.assertEqual(mock.call_count, 4)
|
self.assertEqual(mock.call_count, 4)
|
||||||
|
@ -129,7 +137,11 @@ class SCIMGroupTests(TestCase):
|
||||||
self.assertEqual(mock.request_history[1].method, "POST")
|
self.assertEqual(mock.request_history[1].method, "POST")
|
||||||
self.assertJSONEqual(
|
self.assertJSONEqual(
|
||||||
mock.request_history[1].body,
|
mock.request_history[1].body,
|
||||||
{"externalId": str(group.pk), "displayName": group.name},
|
{
|
||||||
|
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
|
||||||
|
"externalId": str(group.pk),
|
||||||
|
"displayName": group.name,
|
||||||
|
},
|
||||||
)
|
)
|
||||||
group.delete()
|
group.delete()
|
||||||
self.assertEqual(mock.call_count, 4)
|
self.assertEqual(mock.call_count, 4)
|
||||||
|
|
|
@ -89,6 +89,7 @@ class SCIMMembershipTests(TestCase):
|
||||||
self.assertJSONEqual(
|
self.assertJSONEqual(
|
||||||
mocker.request_history[3].body,
|
mocker.request_history[3].body,
|
||||||
{
|
{
|
||||||
|
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
|
||||||
"emails": [],
|
"emails": [],
|
||||||
"active": True,
|
"active": True,
|
||||||
"externalId": user.uid,
|
"externalId": user.uid,
|
||||||
|
@ -99,7 +100,11 @@ class SCIMMembershipTests(TestCase):
|
||||||
)
|
)
|
||||||
self.assertJSONEqual(
|
self.assertJSONEqual(
|
||||||
mocker.request_history[5].body,
|
mocker.request_history[5].body,
|
||||||
{"externalId": str(group.pk), "displayName": group.name},
|
{
|
||||||
|
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
|
||||||
|
"externalId": str(group.pk),
|
||||||
|
"displayName": group.name,
|
||||||
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
with Mocker() as mocker:
|
with Mocker() as mocker:
|
||||||
|
@ -118,6 +123,7 @@ class SCIMMembershipTests(TestCase):
|
||||||
self.assertJSONEqual(
|
self.assertJSONEqual(
|
||||||
mocker.request_history[1].body,
|
mocker.request_history[1].body,
|
||||||
{
|
{
|
||||||
|
"schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
|
||||||
"Operations": [
|
"Operations": [
|
||||||
{
|
{
|
||||||
"op": "add",
|
"op": "add",
|
||||||
|
@ -125,7 +131,6 @@ class SCIMMembershipTests(TestCase):
|
||||||
"value": [{"value": user_scim_id}],
|
"value": [{"value": user_scim_id}],
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
|
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -174,6 +179,7 @@ class SCIMMembershipTests(TestCase):
|
||||||
self.assertJSONEqual(
|
self.assertJSONEqual(
|
||||||
mocker.request_history[3].body,
|
mocker.request_history[3].body,
|
||||||
{
|
{
|
||||||
|
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
|
||||||
"active": True,
|
"active": True,
|
||||||
"displayName": "",
|
"displayName": "",
|
||||||
"emails": [],
|
"emails": [],
|
||||||
|
@ -184,7 +190,11 @@ class SCIMMembershipTests(TestCase):
|
||||||
)
|
)
|
||||||
self.assertJSONEqual(
|
self.assertJSONEqual(
|
||||||
mocker.request_history[5].body,
|
mocker.request_history[5].body,
|
||||||
{"externalId": str(group.pk), "displayName": group.name},
|
{
|
||||||
|
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
|
||||||
|
"externalId": str(group.pk),
|
||||||
|
"displayName": group.name,
|
||||||
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
with Mocker() as mocker:
|
with Mocker() as mocker:
|
||||||
|
@ -203,6 +213,7 @@ class SCIMMembershipTests(TestCase):
|
||||||
self.assertJSONEqual(
|
self.assertJSONEqual(
|
||||||
mocker.request_history[1].body,
|
mocker.request_history[1].body,
|
||||||
{
|
{
|
||||||
|
"schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
|
||||||
"Operations": [
|
"Operations": [
|
||||||
{
|
{
|
||||||
"op": "add",
|
"op": "add",
|
||||||
|
@ -210,7 +221,6 @@ class SCIMMembershipTests(TestCase):
|
||||||
"value": [{"value": user_scim_id}],
|
"value": [{"value": user_scim_id}],
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
|
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -230,6 +240,7 @@ class SCIMMembershipTests(TestCase):
|
||||||
self.assertJSONEqual(
|
self.assertJSONEqual(
|
||||||
mocker.request_history[1].body,
|
mocker.request_history[1].body,
|
||||||
{
|
{
|
||||||
|
"schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
|
||||||
"Operations": [
|
"Operations": [
|
||||||
{
|
{
|
||||||
"op": "remove",
|
"op": "remove",
|
||||||
|
@ -237,6 +248,5 @@ class SCIMMembershipTests(TestCase):
|
||||||
"value": [{"value": user_scim_id}],
|
"value": [{"value": user_scim_id}],
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
|
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
|
@ -66,6 +66,7 @@ class SCIMUserTests(TestCase):
|
||||||
self.assertJSONEqual(
|
self.assertJSONEqual(
|
||||||
mock.request_history[1].body,
|
mock.request_history[1].body,
|
||||||
{
|
{
|
||||||
|
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
|
||||||
"active": True,
|
"active": True,
|
||||||
"emails": [
|
"emails": [
|
||||||
{
|
{
|
||||||
|
@ -121,6 +122,7 @@ class SCIMUserTests(TestCase):
|
||||||
self.assertEqual(
|
self.assertEqual(
|
||||||
body,
|
body,
|
||||||
{
|
{
|
||||||
|
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
|
||||||
"active": True,
|
"active": True,
|
||||||
"emails": [
|
"emails": [
|
||||||
{
|
{
|
||||||
|
@ -173,6 +175,7 @@ class SCIMUserTests(TestCase):
|
||||||
self.assertJSONEqual(
|
self.assertJSONEqual(
|
||||||
mock.request_history[1].body,
|
mock.request_history[1].body,
|
||||||
{
|
{
|
||||||
|
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
|
||||||
"active": True,
|
"active": True,
|
||||||
"emails": [
|
"emails": [
|
||||||
{
|
{
|
||||||
|
@ -240,6 +243,7 @@ class SCIMUserTests(TestCase):
|
||||||
self.assertJSONEqual(
|
self.assertJSONEqual(
|
||||||
mock.request_history[1].body,
|
mock.request_history[1].body,
|
||||||
{
|
{
|
||||||
|
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
|
||||||
"active": True,
|
"active": True,
|
||||||
"emails": [
|
"emails": [
|
||||||
{
|
{
|
||||||
|
|
Reference in a new issue